CVE-2009-1891
published 2009-07-10CVE-2009-1891: The mod_deflate module in Apache httpd 2.2.11 and earlier compresses large files until completion even after the associated network connection is closed, which…
high7.1CVSS 3.1
AVNACMAuNCNINAC
The mod_deflate module in Apache httpd 2.2.11 and earlier compresses large files until completion even after the associated network connection is closed, which allows remote attackers to cause a denial of service (CPU consumption).
Affected
16 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apache | http_server | >= 2.0.35 < 2.0.64 | 2.0.64 |
| apache | http_server | >= 2.2.0 < 2.2.12 | 2.2.12 |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| debian | apache2 | < apache2 2.2.11-7 (bookworm) | apache2 2.2.11-7 (bookworm) |
| debian | debian_linux | — | — |
| debian | debian_linux | — | — |
| debian | debian_linux | — | — |
| fedoraproject | fedora | — | — |
| redhat | enterprise_linux_desktop | — | — |
| redhat | enterprise_linux_eus | — | — |
| redhat | enterprise_linux_server | — | — |
| redhat | enterprise_linux_server_aus | — | — |
| redhat | enterprise_linux_workstation | — | — |
CVSS provenance
nvd7.1HIGHAV:N/AC:M/Au:N/C:N/I:N/A:C
osv7.1HIGH